Author: ian
Date: 2006-02-17 02:32:23 +0000 (Fri, 17 Feb 2006)
New Revision: 8051
Modified:
trunk/website/index.php
Log:
prevent exploit
Modified: trunk/website/index.php
===================================================================
--- trunk/website/index.php 2006-02-16 17:42:34 UTC (rev 8050)
+++ trunk/website/index.php 2006-02-17 02:32:23 UTC (rev 8051)
@@ -1,7 +1,7 @@
<?
session_start();
if (isset($_REQUEST["page"])) {
- $page = $_REQUEST["page"];
+ $page = str_replace("%", "", $_REQUEST["page"]);
} else {
if ((stristr($_SERVER["HTTP_ACCEPT_LANGUAGE"], "ja")) &&
!(stristr($_SERVER["HTTP_ACCEPT_LANGUAGE"], "en"))) {
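Review bot: Stripping `%` on the new `$page` line is a one-character denylist, and PHP has already URL-decoded `$_REQUEST["page"]` by the time it runs, so dots, path separators and any other decoded byte still pass through unchanged. How `$page` is consumed lies outside this hunk; if it reaches an include or a file path, as the log message suggests, validate it against an allowlist instead, e.g. `if (!preg_match('/^[A-Za-z0-9_-]+\z/', $page)) { $page = DEFAULT_PAGE; }`, where `DEFAULT_PAGE` is a placeholder for the site's real default page. Looking the value up in a fixed array of known page names would work as well. A short comment naming the input the filter is meant to reject would also let the next maintainer judge whether it is sufficient.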